Anonymous
|
|
193.37.32.149 - - [11/Sep/2024:05:30:40 +0200] "GET /wp-login.php HTTP/2.0" 302 559 "http://reinward ... show more193.37.32.149 - - [11/Sep/2024:05:30:40 +0200] "GET /wp-login.php HTTP/2.0" 302 559 "http://reinwardtacademie.nl/wp-login.php" "Go-http-client/2.0"
193.37.32.149 - - [11/Sep/2024:05:32:12 +0200] "GET /wp-includes/Text/wp-login.php HTTP/1.1" 302 682 "-" "Go-http-client/1.1"
193.37.32.149 - - [11/Sep/2024:05:34:04 +0200] "GET /wp-includes/IXR/wp-login.php HTTP/2.0" 302 578 "http://consam.nl/wp-includes/IXR/wp-login.php" "Go-http-client/2.0"
193.37.32.149 - - [11/Sep/2024:05:34:24 +0200] "GET /xmlrpc.php HTTP/2.0" 302 548 "http://consam.nl/xmlrpc.php" "Go-http-client/2.0"
193.37.32.149 - - [11/Sep/2024:05:36:23 +0200] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 302 690 "-" "Go-http-client/1.1"
193.37.32.149 - - [11/Sep/2024:05:36:27 +0200] "GET /wp-admin/network/wp-login.php HTTP/1.1" 302 690 "-" "Go-http-client/1.1"
193.37.32.149 - - [11/Sep/2024:05:38:32 +0200] "GET /wp-includes/pomo/wp-login.php HTTP/1.1" 302 673 "-" "Go-http-client/1.1"
... show less
|
Brute-Force
|
|
taivas.nl
|
|
Wordpress_Attack
|
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
Burayot
|
|
LF_APACHE_403: 193.37.32.149 (SG/Singapore/-), more than 10 Apache 403 hits in the last 3600 secs
|
Web App Attack
|
|
mawan
|
|
Suspected of having performed illicit activity on LAX server.
|
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 193.37.32.149 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 193.37.32.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 02 04:08:08.211359 2024] [security2:error] [pid 11174:tid 11174] [client 193.37.32.149:39583] [client 193.37.32.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eb5coalition.org"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZtVyaAy-auULLcr_AmH5nQAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 193.37.32.149 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 193.37.32.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 21:15:21.374514 2024] [security2:error] [pid 20008:tid 20008] [client 193.37.32.149:19315] [client 193.37.32.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ilovecoffeegroup.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZtEdKVUHewCJPW6q44zBCAAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
jcbriar
|
|
Searching for vulnerable scripts
|
Hacking
Web App Attack
|
|
Anonymous
|
|
193.37.32.149 - - [29/Aug/2024:14:21:38 +0200] "GET /504.php HTTP/1.1" 403 344 "-" "Go-http-client/1 ... show more193.37.32.149 - - [29/Aug/2024:14:21:38 +0200] "GET /504.php HTTP/1.1" 403 344 "-" "Go-http-client/1.1"
... show less
|
Web App Attack
|
|
Rizzy
|
|
Multiple WAF Violations
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
Bedios GmbH
|
|
Wordpress hacking attempt
|
Web App Attack
|
|